Information Systems Security Compliance Engineer
To see similar active jobs please follow this link: Remote System Administration jobs
The Security Compliance Engineer works in the office of the CISO in the Risk & Compliance team to help Canonical to achieve overall security & compliance goals and relevant certifications, as well as compliance with regulatory frameworks and other relevant standards.
The team's role is to ensure that Canonical conducts its business processes in compliance with laws and regulations, internal policies and procedures defined and international standards/best practices. This position is for an individual with the knowledge, drive and personal motivation to help build and grow a strong security & compliance governance framework in a fast-growing tech company, as well as help it achieve/maintain the necessary compliance certifications.
This role can be home or office based. Periodic international travel for training and business meetings is required.
Key responsibilities:
Collaborate with IT operations, Legal, Security, and Engineering teams to define and implement policies and procedures
Help to design and implement controls to strengthen the company’s Security Posture
Collaborate with various teams to ensure security standards are met across all projects
Assess vulnerabilities/risks that could affect the integrity, availability, or confidentiality of data, systems, or services of the company and provide mitigation solutions
Conduct regular audits to ensure compliance with internal policies and procedures, relevant security standards best practices, regulations and client requirements to identify gaps and provide remediation solutions
Ensure controls are configured correctly and integrated into the security strategy
Collaborate with internal teams to respond to Security Questionnaires, Contract Compliance and Security & Compliance posture questions from customers
Provide guidance and support to internal stakeholders regarding security & compliance practices
Collaborate with internal teams to gather evidence for external audits
Participate in the creation and or maintenance of the Information Security Management System
Maintain an up-to-date knowledge on Security standards, best practices and trends to ensure ongoing compliance
Required skills and experience:
2+ years of experience within a security and compliance function
Experience developing and maintaining policies, procedures, standards, and guidelines to align with company’s strategy and best practices
Experience with security controls implementation, configuration and maintenance
Experience with vulnerability management tooling, remediation, and processes
Experience with coding/scripting in one or more languages (Python, C, C++, Java)
Experience with Linux operating systems (Ubuntu preferred)
Understanding of concepts related to Systems Engineering/DevOps, IaC, IAM, network security, systems security, cryptography
Have a wide understanding of cybersecurity and data protection frameworks such as ISO 27001, NIST, SOC2, PCI-DSS, GDPR, CCPA.
Experience with third party and external audits
Valuable experience:
Bachelor's degree (or equivalent) in Computer Science, Information Systems, or related field
Affinity with Open Source software with regards to compliance
Knowledge of designing and implementing security processes and solutions with topics ranging from architecture, governance, compliance, and operations
Technical or engineering background, including software development, scripting, networking, and cloud architecture
Canonical is a growing international software company that works with the open-source community to deliver Ubuntu, the world’s best free software platform. Our services help businesses worldwide reduce costs, improve efficiency and enhance security with Ubuntu.
About Canonical
Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.
Canonical is an equal opportunity employer
We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.
#LI-remote
About the job
Information Systems Security Compliance Engineer
To see similar active jobs please follow this link: Remote System Administration jobs
The Security Compliance Engineer works in the office of the CISO in the Risk & Compliance team to help Canonical to achieve overall security & compliance goals and relevant certifications, as well as compliance with regulatory frameworks and other relevant standards.
The team's role is to ensure that Canonical conducts its business processes in compliance with laws and regulations, internal policies and procedures defined and international standards/best practices. This position is for an individual with the knowledge, drive and personal motivation to help build and grow a strong security & compliance governance framework in a fast-growing tech company, as well as help it achieve/maintain the necessary compliance certifications.
This role can be home or office based. Periodic international travel for training and business meetings is required.
Key responsibilities:
Collaborate with IT operations, Legal, Security, and Engineering teams to define and implement policies and procedures
Help to design and implement controls to strengthen the company’s Security Posture
Collaborate with various teams to ensure security standards are met across all projects
Assess vulnerabilities/risks that could affect the integrity, availability, or confidentiality of data, systems, or services of the company and provide mitigation solutions
Conduct regular audits to ensure compliance with internal policies and procedures, relevant security standards best practices, regulations and client requirements to identify gaps and provide remediation solutions
Ensure controls are configured correctly and integrated into the security strategy
Collaborate with internal teams to respond to Security Questionnaires, Contract Compliance and Security & Compliance posture questions from customers
Provide guidance and support to internal stakeholders regarding security & compliance practices
Collaborate with internal teams to gather evidence for external audits
Participate in the creation and or maintenance of the Information Security Management System
Maintain an up-to-date knowledge on Security standards, best practices and trends to ensure ongoing compliance
Required skills and experience:
2+ years of experience within a security and compliance function
Experience developing and maintaining policies, procedures, standards, and guidelines to align with company’s strategy and best practices
Experience with security controls implementation, configuration and maintenance
Experience with vulnerability management tooling, remediation, and processes
Experience with coding/scripting in one or more languages (Python, C, C++, Java)
Experience with Linux operating systems (Ubuntu preferred)
Understanding of concepts related to Systems Engineering/DevOps, IaC, IAM, network security, systems security, cryptography
Have a wide understanding of cybersecurity and data protection frameworks such as ISO 27001, NIST, SOC2, PCI-DSS, GDPR, CCPA.
Experience with third party and external audits
Valuable experience:
Bachelor's degree (or equivalent) in Computer Science, Information Systems, or related field
Affinity with Open Source software with regards to compliance
Knowledge of designing and implementing security processes and solutions with topics ranging from architecture, governance, compliance, and operations
Technical or engineering background, including software development, scripting, networking, and cloud architecture
Canonical is a growing international software company that works with the open-source community to deliver Ubuntu, the world’s best free software platform. Our services help businesses worldwide reduce costs, improve efficiency and enhance security with Ubuntu.
About Canonical
Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.
Canonical is an equal opportunity employer
We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.
#LI-remote